Posted
by
CmdrTacoon Wednesday March 30, 2011 @12:27PM
from the i-see-what-you-did-there dept.

Blacklaw writes "Google has publicly apologised for the mistakes it made during the launch of its Twitter-like social networking tool Buzz, and claims that it's learned its lesson — and will be undergoing independent privacy reviews to keep it on the straight and narrow."

I could excuse some kid goofing around sniffing networks around but we're talking about a multinational corporation driving around sniffing whatever they can. Their staff should know better, their law department should know better and they should already have accountability procedures in place to prevent this kind of thing from happening. It's a lack of professional ethics of a level normally reserved for banks and government agencies. What's next, driving around recording all conversations within earshot b

Their staff should know better, their law department should know better and they should already have accountability procedures in place to prevent this kind of thing from happening.

You actually want the soul-crushing bureaucracy that everyone hates about large organizations? Where every time you want to write three lines of code you have to get it cleared with the full board of directors and six battalions of lawyers?

Give me a break. If we want privacy then we need systems that protect privacy inherently, not witch hunts against whoever manages to remind us how poorly designed existing systems are.

You actually want the soul-crushing bureaucracy that everyone hates about large organizations? Where every time you want to write three lines of code you have to get it cleared with the full board of directors and six battalions of lawyers?

Give me a break. If we want privacy then we need systems that protect privacy inherently, not witch hunts against whoever manages to remind us how poorly designed existing systems are.

We need both. Everybody hates bureaucracy but let's face it sometimes it's a necessary evil. It's not efficient, it's not convenient or nice (and some days I swear if I hear the word "compliance" one more time I'll puke over my desk) but it's there for a reason and that's to protect customers.

It seems to me all the bureaucracy does is legitimize the evil. The company is still reading their employees emails, the ISP is still sending the NSA a copy of all your internet traffic, Sony is still sending everything you do on your PS3 to their servers, Microsoft is still tracking your Bing search history and sending it to the Chinese government, etc. But it's Corporate Lawyer Approved so it's all OK, right?

So I say again: We need systems that protect privacy inherently. Then we don't need an accursed bu

Why should they know better? They did nothing illegal. Some bureaucrats thought they could get brownie points by bullying Google. Google didn't have anything to win by fighting, so they rolled over. None of this means there was any wrongdoing on Google's part. At worst, they were impolite.

Why should they know better? They did nothing illegal. Some bureaucrats thought they could get brownie points by bullying Google. Google didn't have anything to win by fighting, so they rolled over. None of this means there was any wrongdoing on Google's part. At worst, they were impolite.

Wow. I see Google has moved on from copying iOS and is now perfecting its reality distortion field. (Jeez, that one is going to burn some karma.) The poor, poor billionaires at Google are being bullied by the big bad government for being impolite ? Grabbing someones email and passwords, which they owned up to doing [blogspot.com] ("It’s clear from those inspections that while most of the data is fragmentary, in some instances entire emails and URLs were captured, as well as passwords.") goes a little beyond impolite

There is absolutely nothing wrong with anyone, individual or company receiving bits that have been transmitted in the clear. I'm no Google fanboy. I don't use Chrome, I don't use Gmail, I don't run their scripts in my browser. I don't like being tracked. If you're dumb enough to transmit bits in the clear, you deserve whatever you get.

Okay, so the FTC is mad about them violating privacy. So what do they have to do? Agree to an "independent" privacy review? And how picks this organization? Google? Why doesn't the FTC put our tax dollars to work and investigate Google themselves?

By all means, let the FTC grow to accommodate the job of investigating Google biannually while private companies wither for lack of work, so that private working citizens can pay for it with their tax dollars because public corporations won't.

Google has totally been publicly whipped for Buzz and for collecting WiFi data....

And yet the Telecoms are collecting who-even-has-a-guess-how-much data on our data exchanges, tracking our position, hacking our phones to turn them into ease dropping devices, and whatever else. And we know AT&T, Verizon, Sprint, etc. are sharing this data freely without warrants with the government.

And our government keeps extending and extending and extending the extraordinary measures of the Patriot Act without providing any evidence that this is needed!

Big Content is pushing to reduce our privacy further, and insists upon technologies aimed at reducing file sharing, while enabling all sorts of fun Actors like Iran to use the same technologies to cut off their population from the rest of the Internet.

Now I am happy that Google is willing to take input on better privacy. And they NEED to be good about privacy, as more and more of our communications are open to them. But they are not alone. There are other companies that need to step up to the privacy needs of their customers.

WiFi data that was broadcast in the clear, so by definition perfectly OK to receive.

I'm no google fan, I hate them, block their scripts, and refuse to use their services or let them collect data about me. But pretending they did something wrong when they didn't serves no purpose except to dilute the case when they really *have* done bad things.

Once more, with feeling: if you shout, don't be dismayed when someone hears. The very technical definition of 802.11 makes it permissib

See, you posted anonymously, taking reasonable measures to ensure that your (very cerebral) comment can't be linked to you. This is -- in a very loose sense -- somewhat akin to encrypting your WiFi, something the victims of Google's data collection did not do.

If you don't want your brilliant comments hurting your karma (or be traceable to your account / real name / whatever), post anonymously; if you don't want your WiFi data being broadcast to all, encrypt it. Neither is a perfect solution, but both are

See, you posted anonymously, taking reasonable measures to ensure that your (very cerebral) comment can't be linked to you. This is -- in a very loose sense -- somewhat akin to encrypting your WiFi, something the victims of Google's data collection did not do.

If you don't want your brilliant comments hurting your karma (or be traceable to your account / real name / whatever), post anonymously; if you don't want your WiFi data being broadcast to all, encrypt it. Neither is a perfect solution, but both are easy first steps.

But judge, clearly this woman wanted me to sniff her panties or she would've closed her bedroom window.

When I was getting my ham license, the instructor related an anecdote of a married man arranging a tryst with someone other than his wife. He did this on a ham radio, using the local community's repeater to patch into the phone system (mobile calling has been around long before cell phones) -- and of course, everyone used that frequency. Needless to say, his wife, uh, found out.

Point is, if you're broadcasting sensitive information over the air, you need to encrypt it if you expect any privacy at all, pe

When I was getting my ham license, the instructor related an anecdote of a married man arranging a tryst with someone other than his wife. He did this on a ham radio, using the local community's repeater to patch into the phone system (mobile calling has been around long before cell phones) -- and of course, everyone used that frequency. Needless to say, his wife, uh, found out.

Point is, if you're broadcasting sensitive information over the air, you need to encrypt it if you expect any privacy at all, period (unless it's remarkably short-range). This was true in WWII, it was true in the 80's, and it's true today. I'm not saying I agree with what Google did, but someone with a laptop, GPS and kismet could do exactly the same thing, just on a smaller scale.

But it IS remarkably short range, 802.11n is like 50m indoors maybe ? It's more akin to listening at the keyhole than tuning into a broadcast as in your example. I'm all for encryption, the more the better, but that doesn't change the fact that there has to be a reasonable expectation of privacy even when encryption fails or more likely the setup is insecure out of the box and the technical know-how isn't there to improve things. Like I said elsewhere in the comments I could give a pass to a kid having fun,

From INSIDE my house, my laptop sees at least 5 different wireless networks from the surrounding houses. If I were in a dense neighborhood or an apartment complex, I'd see far more networks than that. So, no, 50 meters indoors is not "remarkably short range"; it is remarkably long range for a "private" network. This is not an accident; the range is long intentionally.

The blame for the Google fiasco is misdirected at Google. Yes, Google should not have collected the data, as a matter of privacy ethics. Howev

It's not necessarily legal to listen to (and archive) radio transmissions which aren't intended for you, even if they are sent unencrypted. There's a big difference between a television station and a private wireless computer network or cordless phone.

Google has totally been publicly whipped for Buzz and for collecting WiFi data....

As is richly deserved for flagrant and willful abuse of privacy. Now please explain to me why these same watchful agencies continue to look the other way and let Microsoft get away with murder in terms of continued market control of PC vendors and such destructive tactics as undermining the ISO standards process. How about fabricating evidence in court, what punishment was there for that?

At least Google is likely to learn and improve its behavior as a result of the punishment. Microsoft never would.

The difference here is that Google cares about its users... or at least maintains that it does. AT&T doesn't much give a damn and makes this pretty obvious.
Of course these things probably have more to do with user apathy and fleeting internet buzz (can I still use that word?) than actual corporate attitudes.

No, someone from "the outside" will audit Google to ensure that they are taking appropriate steps to protect your privacy.

This is not the same as seeing if your data is being leaked. It is a review of their processes.

To be clear, in the fine article, the Google director of privacy is quoted as saying:"We’ll receive an independent review of our privacy procedures once every two years, and we’ll ask users to give us affirmative consent before we change how we share their personal information."

Hehe.... According to the Googe rep's statement in the article, it's part of Google's agreement with the FTC, "to address their privacy concerns." In any case, I agree, it does sound reasonable, even if it's not entirely voluntary.

Can this really be anything else? I mean of all the telcos and other companies that we know violate our privacy in egregious ways, they have to pick on Google? Seriously? Is this the best they can come up with?